File _patchinfo of Package patchinfo.29132
<patchinfo incident="29132">
<issue tracker="bnc" id="1027519">Xen: Missing upstream bug fixes</issue>
<issue tracker="bnc" id="1211433">VUL-0: CVE-2022-42336: xen: Mishandling of guest SSBD selection on AMD hardware (XSA-431)</issue>
<issue tracker="bnc" id="1208736">GCC 13: xen package fails</issue>
<issue tracker="bnc" id="1210315">VUL-0: CVE-2022-42335: xen: x86 shadow paging arbitrary pointer dereference (XSA-430)</issue>
<issue tracker="bnc" id="1209245">Xen VM fails to be destroyed (or crashes completely?) if Linux kernel in HVM guest records a crash with configured crashkernel+kdump</issue>
<issue tracker="bnc" id="1210570">gcc-13 realloc use-after-free analysis error</issue>
<issue tracker="bnc" id="1209237">xen-syms doesn't contain debug-info</issue>
<issue tracker="cve" id="2022-42335"/>
<issue tracker="cve" id="2022-42336"/>
<packager>charlesa</packager>
<rating>important</rating>
<category>security</category>
<reboot_needed/>
<summary>Security update for xen</summary>
<description>This update for xen fixes the following issues:
Security fixes:
- CVE-2022-42336: Fixed an issue where a guest's configuration of AMD
Speculative Store Bypass Disable would have no effect (XSA-431)
(bsc#1211433).
- CVE-2022-42335: Fixed an issue where guests running under shadow
mode with a PCI device passed through could force the hypervisor
to dereference arbitrary memory, leading to a denial of service
(XSA-430) (bsc#1210315).
Non-security fixes:
- Fixed a build warning false positive (bsc#1210570).
- Added missing debug-info to xen-syms (bsc#1209237).
- Updated to version 4.17.1 (bsc#1027519).
- Fixed a failure during VM destruction when using host-assisted kexec
and kdump (bsc#1209245).
- Other upstream fixes (bsc#1027519).
</description>
</patchinfo>